summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-10-02 11:30:14 -0700
committerAndrew Bartlett <abartlet@samba.org>2008-10-06 14:28:27 -0700
commitc3b28c7a81c04a0f019b6c1e543a65d6d48b0b2c (patch)
tree79bec5fba004a80e7b94f0e67d67a36688899830 /source4
parent6a5547742f0b87017e4d21c80ec8facece6688d0 (diff)
downloadsamba-c3b28c7a81c04a0f019b6c1e543a65d6d48b0b2c.tar.gz
samba-c3b28c7a81c04a0f019b6c1e543a65d6d48b0b2c.tar.bz2
samba-c3b28c7a81c04a0f019b6c1e543a65d6d48b0b2c.zip
Fix cross-realm authentication in Samba4's KDC.
Diffstat (limited to 'source4')
-rw-r--r--source4/kdc/hdb-samba4.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index 818c4a12fd..5b7f55822e 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -758,7 +758,7 @@ static krb5_error_code LDB_trust_message2entry(krb5_context context, HDB *db,
goto out;
}
- ndr_err = ndr_pull_struct_blob_all(password_val, mem_ctx, private->iconv_convenience, &password_blob,
+ ndr_err = ndr_pull_struct_blob(password_val, mem_ctx, private->iconv_convenience, &password_blob,
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
ret = EINVAL;
@@ -813,6 +813,8 @@ static krb5_error_code LDB_trust_message2entry(krb5_context context, HDB *db,
entry_ex->entry.keys.len++;
}
+ entry_ex->entry.principal = malloc(sizeof(*(entry_ex->entry.principal)));
+
ret = copy_Principal(principal, entry_ex->entry.principal);
if (ret) {
krb5_clear_error_string(context);
@@ -1155,7 +1157,7 @@ static krb5_error_code LDB_fetch_krbtgt(krb5_context context, HDB *db,
principal, HDB_SAMBA4_ENT_TYPE_KRBTGT,
msg[0], realm_ref_msg_1[0], entry_ex);
if (ret != 0) {
- krb5_warnx(context, "LDB_fetch: message2entry failed");
+ krb5_warnx(context, "LDB_fetch: self krbtgt message2entry failed");
}
return ret;
@@ -1193,7 +1195,7 @@ static krb5_error_code LDB_fetch_krbtgt(krb5_context context, HDB *db,
principal, direction,
msg[0], entry_ex);
if (ret != 0) {
- krb5_warnx(context, "LDB_fetch: message2entry failed");
+ krb5_warnx(context, "LDB_fetch: trust_message2entry failed");
}
return ret;